office of health protection security sensitive biological
TRANSCRIPT
Office of Health Protection
Security Sensitive Biological Agents
Regulatory Scheme
Regulator Performance Framework
External Review Report
August 2018
2
Contents Executive Summary ......................................................................................................................... 3
Recommendations ............................................................................................................................ 4
1 Introduction .............................................................................................................................. 5
1.1 Security Sensitive Biological Agents Regulatory Scheme ............................................ 5
1.2 Regulator Performance Framework ............................................................................... 5
1.3 External review .............................................................................................................. 6
1.3.1 The Panel ..................................................................................................................... 6
1.3.2 External review rating scale of performance against KPIs.......................................... 6
2 Results ...................................................................................................................................... 7
2.1 KPI 1: Regulators do not unnecessarily impede the efficient operation of
regulated entities ............................................................................................................ 7
2.1.1 Overall assessment ...................................................................................................... 7
2.1.2 Performance overview ................................................................................................. 7
2.2 KPI 2: Communications with regulated entities is clear, targeted and effective ........... 8
2.2.1 Overall assessment ...................................................................................................... 8
2.2.2 Performance overview ................................................................................................. 8
2.3 KPI 3: Actions taken by regulators are proportionate to the regulatory risk being
managed ......................................................................................................................... 9
2.3.1 Overall assessment ...................................................................................................... 9
2.3.2 Performance overview ................................................................................................. 9
2.4 KPI 4: Compliance and monitoring approaches are streamlined and coordinated ...... 10
2.4.1 Overall assessment .................................................................................................... 10
2.4.2 Performance overview ............................................................................................... 10
2.5 KPI 5: Regulators are open and transparent in their dealings with regulated entities . 11
2.5.1 Overall assessment .................................................................................................... 11
2.5.2 Performance overview ............................................................................................... 11
2.6 KPI 6: Regulators actively contribute to the continuous improvement of regulatory
frameworks ................................................................................................................... 12
2.6.1 Overall assessment .................................................................................................... 12
2.6.2 Performance overview ............................................................................................... 12
3 General observations .............................................................................................................. 13
3.1 Overall assessment of the Regulator’s performance .................................................... 13
3.2 Observations of the Regulator Performance Framework ............................................. 13
4 Recommendations .................................................................................................................. 14
5 Terms of reference ................................................................................................................. 15
5.1 List of evidence ............................................................................................................ 25
3
Executive Summary
The Department of Health has responsibility for administration of the Security Sensitive Biological
Agents Regulatory Scheme (SSBA Regulatory Scheme). This is undertaken within the Health
Emergency Management Branch in the Office of Health Protection, the Regulator.
External reviews of regulator performance against the Regulator Performance Framework (RPF)
are conducted to confirm the validity of, and provide external accountability to, regulator
self-assessments of their performance against the Key Performance Indicators (KPI) under the RPF.
In accordance with RPF guidelines, this review was conducted by a review panel consisting of
government and industry representatives.
The Panel found that evidence provided by the Regulator of the removal of Salmonella Typhi and
Vibrio cholerae in March 2016 from the List of Security Sensitive Biological Agents (SSBAs),
significantly contributed to the Regulator meeting KPIs 1, 2, 3, 5 and 6 under the RPF. The Panel
found that the removal of these two agents from the List of SSBAs:
o reduced the reporting requirements for regulated entities (KPI 1)
o demonstrated that the Regulator’s ‘communications with its regulated entities was clear, targeted
and effective’ (KPI 2)
o was an example of the Regulator reassessing risk and adjusting their regulatory settings in
proportion to the risk being regulated (KPI 3)
o showed that the Regulator was open and transparent in their dealings with regulated entities
(KPI 5); and,
o contributed to the continuous improvement of the SSBA Regulatory Scheme (KPI 6).
The Panel found that evidence provided by the Regulator of its compliance inspection agreement
with the Office of the Gene Technology Regulator (OGTR) significantly contributed to the Regulator
meeting KPIs 1 and 4. The Panel found that by coordinating compliance inspections with the OGTR,
the Regulator directly reduced the regulatory burden on regulated entities (KPI 1) by reducing the
duration of compliance inspections. The Panel also found that by regularly reviewing and adjusting
its compliance schedule to better align with that of the OGTR (KPI 4), the Regulator’s compliance
and monitoring approach continued to be streamlined and coordinated.
The Panel agreed with the Regulator’s self-assessment for each of the KPIs and its overall
self-assessment of ‘Very Good’ for its regulatory performance during the reporting period
(2015-16).
4
Recommendations
Whilst agreeing with the Regulator’s overall self-assessment of ‘Very Good’, the Panel believes there
are opportunities for further improvements and recommends the following:
1. The Regulator considers additional mechanisms, such as regular surveys of their regulated entities,
to provide further evidence of their performance and the felt effect of their regulatory processes on
their regulated entities.
2. The Regulator reviews their evidence metrics and amends them where necessary to better measure
their performance against the RPF KPIs.
3. The Regulator considers opportunities to coordinate their inspections with those undertaken by
regulators in other Commonwealth Departments.
5
1 Introduction
1.1 Security Sensitive Biological Agents Regulatory Scheme
The Department of Health has responsibility for administration of the SSBA Regulatory Scheme. This is
undertaken within the Health Emergency Management Branch (HEMB) in the Office of Health
Protection, the Regulator. The aim of the SSBA Regulatory Scheme is to limit opportunities for acts of
bioterrorism or bio-crime to occur using harmful biological agents and to provide a legislative
framework for managing the security of Security Sensitive Biological Agents (SSBAs). Part 3 of the
National Health Security Act 2007 (NHS Act) established the SSBA Regulatory Scheme for entities and
facilities that handle suspected or known SSBAs. The National Health Security Regulations 2008
support the NHS Act by providing operational detail about the SSBA Regulatory Scheme.
The SSBA Regulatory Scheme was developed using risk management principles to achieve a balance
between counter-terrorism concerns and the interests of the regulated community, and, aims to maintain
appropriate access to SSBAs for those with a legitimate need. The SSBA Regulatory Scheme also gives
effect to Australia's obligations under the Biological and Toxin Weapons Convention and UN Security
Council Resolution 1540.
1.2 Regulator Performance Framework
The Australian Government implemented the RPF on 1 July 2015 to assess the regulatory performance
of regulators. The RPF comprises the following six outcomes-based KPIs to articulate the Government’s
overarching expectations of regulator performance:
1. Regulators do not unnecessarily impede the efficient operation of regulated entities
2. Communication with regulated entities is clear, targeted and effective
3. Actions undertaken by regulators are proportionate to the regulatory risk being managed
4. Compliance and monitoring approaches are streamlined and coordinated
5. Regulators are open and transparent in their dealings with regulated entities
6. Regulators actively contribute to the continuous improvement of regulatory frameworks.
These KPIs outline the principles that all regulators should be using to guide their regulatory
performance. Tailored measures of good regulatory performance, based on these high-level principles,
would be adopted to enable comprehensive review of individual regulators and their specific tasks and
role. The KPIs are supported by ‘measures of good regulatory performance’ to assist regulators in
assessing their achievement of the KPIs.
The RPF aims to encourage regulators to undertake their functions with the minimum impact necessary
to achieve regulatory objectives and to effect positive, ongoing and lasting cultural change within their
organisation. The RPF allows regulators to report objectively on the outcomes of their efforts to
administer regulation fairly, effectively and efficiently.
The Department of Jobs and Small Business has overall policy responsibility for the Government’s
Deregulation Agenda. Further information about the RPF is available on the Department of Jobs and
Small Business Deregulation Agenda web page.
6
1.3 External review
The assessment of regulators under the RPF involves annual self-assessments and periodic external
reviews. External reviews of regulator performance against the RPF are conducted to confirm the
validity of, and provide external accountability to, regulator self-assessments.
The self-assessment of the Regulator’s performance that is the subject of the external review covered the
period of the 2015-16 financial year (the reporting period) and was finalised and published in December
2016. The Regulator’s 2015-16 self-assessment report (the Report) was used for the purposes of the
external review because that process commenced before the results of the 2016-17 self-assessment
became available.
1.3.1 The Panel
In accordance with RPF guidelines, the review was conducted by a review panel consisting of
government and industry representatives. The Panel included: a representative from the Department of
Health; a representative from a comparable regulator and a representative of the Regulator’s regulated
community. The Panel members appointed to undertake the review in late 2017 were:
Gillian Shaw, Assistant Secretary, Health Systems Policy Division, Department of Health;
Neil Ellis, Acting Assistant Secretary, Office of the Gene Technology Regulator; and
Public Health Laboratory Manager and member of the regulated community.
1.3.2 External review rating scale of performance against KPIs
For consistency, the Panel has used the same rating scale below that the Regulator used in its
self-assessment Report, as follows:
Excellent
Strong
performance
against all the
measures under
the KPI
Very Good
Strong performance
against majority of the
measures under the
KPI and no evidence
of negative/poor
performance against
any measure
Good
Average
performance
against the
measures under the
KPI
Fair
Poor performance
against some
measures under the
KPI
Poor
Poor performance
against most of the
measures under the
KPI
7
2 Results
2.1 KPI 1: Regulators do not unnecessarily impede the efficient
operation of regulated entities
2.1.1 Overall assessment
The Regulator provided evidence that it had reduced the amount of regulation that its regulated entities
were required to comply with and that it did not unnecessarily impede the efficient operation of its
regulated entities during the reporting period. The Panel was satisfied that evidence provided by the
Regulator supported their self-assessed rating of ‘Very Good’ for KPI 1.
2.1.2 Performance overview
2.1.2.1 Removal of biological agents from the List of SSBAs
Evidence provided to the Panel of the removal of Salmonella Typhi and Vibrio cholerae in March 2016
from the List of SSBAs significantly contributed to the Regulator meeting KPI 1. This measure resulted
in reduced reporting for regulated entities holding these agents. Additionally, entities that were only
holding one or both of these agents were no longer required to comply with the requirements of the
SSBA Regulatory Scheme as a whole. The Panel found that the removal of these two agents from the
List of SSBAs reduced the reporting requirements for regulated entities, and for some regulated entities,
the need to undergo on-going inspections and thereby contributed to the efficiency of their operations.
2.1.2.2 Reporting
The Panel received evidence of the availability of regulated entities to provide reports to the Regulator
on-line which supported the Regulator meeting KPI 1. Although the on-line reporting facility was
available prior to the beginning of the reporting period, it was maintained fault-free and was available
24/7 throughout the reporting period. The Panel found that on-line reporting provided a more efficient
means of entry and transmission of data for regulated entities.
2.1.2.3 Compliance inspections
The Regulator provided evidence of the coordination of compliance inspections with the OGTR which
contributed to the Regulator meeting KPI 1. Although the evidence presented concerning compliance
inspections under KPI 1 outlined facilitation work undertaken by the Regulator, the Panel heard that the
streamlining of the Regulator’s compliance inspections by combining them with those of the OGTR was
well received by regulated entities. With compliance inspections taking up to several days to complete,
the Panel found that coordinating compliance inspections with the OGTR directly reduced the
regulatory burden on regulated entities.
2.1.2.4 Correspondence
The Panel heard evidence of the diverse methods of correspondence made available for regulated
entities to provide feedback to the Regulator, which supported the Regulator meeting KPI 1. The Panel
found that the diversity of contact methods available provided flexibility for regulated entities in the
way they were able to communicate with the Regulator and thereby contributed to the efficiency of their
operations. The Regulator received no formal complaints regarding the SSBA Regulatory Scheme
during the reporting period.
8
2.2 KPI 2: Communications with regulated entities is clear, targeted
and effective
2.2.1 Overall assessment
Evidence provided by the Regulator concerning information and the channels for information exchange
available to their regulated entities demonstrated that the Regulator’s ‘communications with its
regulated entities was clear, targeted and effective’ and supported their self-assessed rating of ‘Very
Good’ for KPI 2.
2.2.2 Performance overview
2.2.2.1 SSBA webpage
The Panel found that the provision of information on the SSBA webpage was a primary source of
evidence that supported the Regulator meeting KPI 2. This included two SSBA Newsletters during the
reporting period (December 2015 and June 2016), which provided regulated entities with information
about the removal of Salmonella Typhi and Vibrio cholerae from the List of SSBAs. Additionally, the
Panel found that the availability of the SSBA Standards, Fact Sheets and Guidelines on the webpage
allowed regulated entities to quickly and easily access the information they required to comply with the
SSBA Regulatory Scheme.
2.2.2.2 Regulator presentations
The Regulator provided evidence that during the reporting period it delivered three formal presentations
on the SSBA Regulatory Scheme. These included presentations at the Australian National University
(ANU) (Biosecurity Course), ANU (National Security College) and Association of Biosafety for
Australia & New Zealand (ABSANZ) conference. The Panel found that these presentations allowed the
Regulator to tailor its information to targeted audiences and provide responsive feedback on issues
raised, which in turn supported the Regulator meeting KPI 2.
2.2.2.3 On-line training
The Regulator provided evidence that it maintained an on-line training facility for its regulated entities,
which was found by the Panel to contribute to the Regulator meeting KPI 2. This online training facility,
while not mandatory, was provided to assist regulated entities to explain the supporting legislation and
to deliver training in accordance with the SSBA Standards.
2.2.2.4 Correspondence
Evidence of the range of correspondence methods offered by the Regulator to enable regulated entities
to provide feedback supported the Regulator meeting KPI 2. As with KPI 1, the Panel found that the
diversity of contact methods available provided flexibility for regulated entities in the way they were
able to communicate with the Regulator.
9
2.3 KPI 3: Actions taken by regulators are proportionate to the
regulatory risk being managed
2.3.1 Overall assessment
Evidence provided by the Regulator of the process undertaken for the removal of Salmonella Typhi and
Vibrio cholerae from the List of SSBAs and of the risk-based settings for their compliance program,
supported their self-assessed rating of ‘Excellent’ for KPI 3.
2.3.2 Performance overview
2.3.2.1 Removal of biological agents from the List of SSBAs
As with KPI 1, the Panel found that the removal of Salmonella Typhi and Vibrio cholerae in March
2016 from the List of SSBAs significantly contributed to the Regulator meeting KPI 3. The removal of
these two agents followed a review by the Regulator which is undertaken at five year intervals.
The re-classification of Salmonella Typhi and Vibrio cholerae as not being SSBAs was an example of
the Regulator reassessing risk and adjusting their regulatory settings in proportion to the risk being
regulated.
2.3.2.2 Compliance inspections
The Regulator provided evidence that it undertook compliance inspections proportionate to the risk
being managed. For example, the Regulator inspected all facilities within the first 12 months of
registration. Thereafter, registered facilities handling Tier 1 SSBAs were inspected every 18 months and
registered facilities handling Tier 2 SSBAs were inspected every two years. Non-registered facilities
were inspected on an as-needed basis. Spot checks of registered and non-registered facilities occurred on
a random basis. The Regulator also employed compliance inspection plans for registered and
non-registered entities based on the risks posed. The Panel found that these compliance practices
contributed to the Regulator meeting KPI 3.
2.3.2.3 Consultations
The Regulator provided evidence that the requirements of the SSBA Regulatory Scheme, particularly in
relation to the review of the List of SSBAs, was discussed with the Public Health Laboratory Network
(PHLN) at two meetings and with the Australian (counter) Bioterrorism Laboratory Network (ABLN) at
one meeting. The purpose of these meetings, as stated in the Regulator’s RPF Evidence Metrics, was to
discuss and seek feedback from PHLN and ABLN on the appropriateness of the SSBA Regulatory
Scheme requirements against the risk being managed. Both the PHLN and the ABLN were also
approached during the formal consultation period for the review of the List of SSBAs as scientific and
technical experts, as required by s 33(1)(a)(ii) of the NHS Act. The Panel found that these consultation
activities supported the Regulator meeting KPI 3.
10
2.4 KPI 4: Compliance and monitoring approaches are streamlined
and coordinated
2.4.1 Overall assessment
Evidence provided by the Regulator of its compliance inspection agreement with the OGTR to
coordinate and streamline its compliance inspections supported their self-assessed rating of ‘Very Good’
for KPI 4.
2.4.2 Performance overview
2.4.2.1 Compliance inspections
The Panel found that evidence provided by the Regulator that it continued to coordinate compliance
inspections of its regulated entities’ facilities with the OGTR significantly contributed to the Regulator
meeting KPI 4. The Regulator reviewed its inspection schedule, for example, at each SSBA Compliance
Committee meeting and adjusted its schedule to better align with that of the OGTR and the Regulator’s
priorities, as necessary. By coordinating and streamlining its compliance inspections with those of the
OGTR, the Panel found that the Regulator reduced the impost it posed on regulated entities while
continuing to carry out its compliance inspection plan.
11
2.5 KPI 5: Regulators are open and transparent in their dealings with
regulated entities
2.5.1 Overall assessment
The Panel found that there are sufficient similarities between KPI 2 and KPI 5 that they could be
assessed using the same evidence. The RPF describes better practice for both KPI 2 and KPI 5 as
‘regulators clearly communicating the compliance requirements of a regulatory scheme and clearly
communicating why and how the requirements contribute to its achievement’. Evidence provided by
the Regulator under KPI 2 was assessed as sufficient to show that the Regulator met KPI 5 and is
commensurate with their self-assessed rating of ‘Very Good’ for this KPI.
2.5.2 Performance overview
In addition to evidence provided under KPI 2, the Regulator also provided evidence to support it
meeting KPI 5. This included:
the availability of on-line information
consultation meetings regarding changes to the List of SSBAs
the diverse options for regulated entities to communicate with the Regulator; and
the efficient and effective manner in which the Regulator responded to correspondence from
regulated entities.
The Panel found that these measures accord with the Regulator being open and transparent in their
dealings with regulated entities and communicating in a clear, targeted and effective manner.
12
2.6 KPI 6: Regulators actively contribute to the continuous
improvement of regulatory frameworks
2.6.1 Overall assessment
Evidence provided by the Regulator concerning the review of the List of SSBAs and consideration of
issues raised by their stakeholders, contributed to the continuous improvement of the SSBA Regulatory
Scheme and supported the Regulator’s self-assessed rating of ‘Very Good’ for KPI 6.
2.6.2 Performance overview
2.6.2.1 Regular review of SSBAs
The Panel found that the removal of Salmonella Typhi and Vibrio cholerae from the List of SSBAs
contributed to the Regulator meeting KPI 6 as this action reduced the regulatory burden on SSBA
regulated entities, and thereby contributed to the efficiency of their operations as described under KPI 1
at 2.1.2.1. The Report lists amendments to SSBA Guidelines and Fact Sheets to reflect the change in the
List of SSBAs in support of the Regulator meeting KPI 6. The Panel found that the review of the List of
SSBAs and the subsequent removal of the two agents was an example of the Regulator actively
contributing to the continuous improvement of the SSBA Regulatory Scheme.
2.6.2.2 Consultation
The Regulator provided evidence that feedback from its regulated entities was encouraged through the
SSBA email inbox, phone line and correspondence with stakeholders, including during compliance
inspections. When appropriate, issues raised by regulated entities were added to a matrix of issues
indicating the Regulator’s willingness to consider feedback that may contribute to the continuous
improvement of the SSBA Regulatory Scheme. The Panel found that the Regulator’s consultations with
stakeholders contributed to the review of SSBAs and the subsequent removal of Salmonella Typhi and
Vibrio cholerae from the List.
13
3 General observations
3.1 Overall assessment of the Regulator’s performance
Overall, the Panel found that evidence provided by the Regulator to support its Report was sufficient to
assess the Regulator as having met the requirements of the six RPF KPIs. The Panel agrees with the
Regulator that an overall performance rating of ‘Very Good’ was appropriate for the reporting period
and acknowledged this was strongly supported through the external stakeholder validation process.
The Regulator indicated to the Panel that the felt effect of their regulatory performance on their
regulated entities was primarily received through monitoring inspections rather than via correspondence
or formal surveys. The Panel sought contact details for the Regulator’s regulated entities from the
Regulator in order to further assess the felt effect of the Regulator’s regulatory performance. However,
the Regulator was unable to provide these details to the Panel due to National Security considerations.
The Panel found the SSBA Regulatory Scheme to be a mature regulatory scheme and as indicated by
the peak association representing its regulated community, that it was widely supported. The Regulator
and its regulated entities have a shared and common interest in the success of the SSBA Regulatory
Scheme and as such, there is a high level of compliance with the SSBA regulations and cooperation
between the Regulator and its regulated entities.
3.2 Observations of the Regulator Performance Framework
The Panel notes that:
There is a significant amount of overlap/cross-over between the RPF KPIs, particularly between
KPI 2 and KPI 5. Accordingly, an opportunity exists for the Department of Jobs and Small Business,
which has responsibility for the RPF for the Commonwealth, to rationalise and refine the RPF to
make it more efficient and effective.
The development of better guidance for panel members on their assessment responsibilities, and on
the overall external review process by the Department of Jobs and Small Business, would help to
ensure consistent processes and comparable outcomes.
There is a risk of stakeholder consultation fatigue given the frequency of RPF reviews, particularly
the annual self-assessments that must be externally validated. Therefore, more value might be
extracted from the RPF if reviews were less frequent, and agencies were given time to act on
previously identified opportunities for improvement.
The SSBA Regulatory Scheme is a small, well-established and mature regulatory scheme with a
small cohort of supportive and compliant stakeholders and therefore, consideration should be given
by the Department of Jobs and Small Business to exempt such small regulators from the
requirements of the RPF due to its disproportionate impact.
14
4 Recommendations
Whilst agreeing with the Regulator’s overall self-assessment of ‘Very Good’, the Panel believes there
are opportunities for further improvements and recommends the following:
1. The Regulator considers additional mechanisms, such as regular surveys of their regulated entities,
to provide further evidence of their performance and the felt effect of their regulatory processes on
their regulated entities.
2. The Regulator reviews their evidence metrics and amends them where necessary to better measure
their performance against the RPF KPIs.
3. The Regulator considers opportunities to coordinate their inspections with those undertaken by
regulators in other Commonwealth Departments.
15
5 Terms of reference
External Review of the regulatory performance of the Security Sensitive
Biological Agents, Office of Health Protection
Terms of Reference
Context
The Regulator Performance Framework
The Regulator Performance Framework (RPF), which came into operation on 1 July 2015, aims to
increase transparency and accountability in the way regulators perform their role. The RPF sets out six
broad outcome-based Key Performance Indicators (KPIs) to measure and assess the performance of
regulators.
The RPF includes a tiered process of reviews of the regulatory performance of regulators including
annual self-assessments and periodic external reviews. Health’s programme of external reviews of its
regulators over 2015-18 was agreed with the Prime Minister in October 2016.
All Australian Government regulators subject to the RPF are required to develop, and publish, a set of
evidence metrics (output/activity based indicators) to assess their performance against the RPF KPIs
through the annual self-assessments and periodic external reviews.
The Security Sensitive Biological Agents Regulatory Scheme (SSBA), Office of Health Protection
The SSBA is one of the Health regulators subject to the requirements of the RPF.
The SSBA published its evidence metrics in July 2015 on Health’s website and conducted its first
annual self-assessment of its regulatory performance in 2015-16. This self-assessment report was
validated by the Public Health Laboratory Network Executive Group (PEG), and published on Health’s
website on 23 December 2016.
The SSBA Regulatory Scheme was nominated for an external review of its regulatory performance
during 2015-18 and is the first regulator in the Health Portfolio to participate.
Purpose and Scope
The purpose of this external review of regulatory performance under the RPF is to confirm the validity
of, and provide external accountability for, the SSBA Regulatory Scheme’s 2015-16 self-assessment
and highlight areas for improvement of their regulatory performance.
The RPF requires that the review panel (the Panel) limit the focus of the review to the regulator’s
performance in applying legislation efficiently and with as minimum impact on stakeholders as possible
rather than on the appropriateness or fairness of the legislation itself.
With reference to the purpose, the Panel will:
review evidence to assess the SSBA Regulatory Scheme’s performance against the RPF KPIs, listed
at Attachment A
focus on the SSBA Regulatory Scheme’s communication methods and channels with its regulated
community
assess the extent to which the SSBA Regulatory Scheme’s evidence metrics align with, and
contribute to, the Scheme meeting the RPF KPIs
assess the extent to which the SSBA Regulatory Scheme’s 2015-16 self-assessment report clearly
explains the Scheme’s performance against RPF KPIs
identify areas in need of improvement and suggest actions for improving performance; and
highlight areas of best practice performance observed during the review.
16
Governance
The Review Panel
The review will be conducted by a review panel.
The membership of the Panel, which was developed in accordance with RPF guidelines, is:
Assistant Secretary, Best Practice Regulation Branch (BPRB), as a Departmental representative
an officer from the Office of the Gene Technology Regulator, as a comparable regulator
representative; and
a member of the Public Health Laboratory Network, as a key stakeholder group for the SSBA
Regulatory Scheme.
The Assistant Secretary, BPRB will chair the Panel.
The Panel will be expected to meet 1-2 times during November-December 2017. The meetings may be
attended in person or via teleconference.
The Panel will cease to exist with the finalisation of the review report.
The review secretariat
Regulatory Reform Section, BPRB will provide secretariat support to the Panel.
The secretariat will be available to undertake, at the Panel’s discretion, supporting activities, including:
developing a draft design of the review including methodology
gathering and analysing evidence for the review; and
preparing a draft report, for the Panel’s consideration and approval.
Review Approach
The RPF encourages review panels to complement the reporting of quantitative data with qualitative
information and recommends judgments on performance be made by drawing on a range of evidence
from different sources to allow a comprehensive assessment of performance.
The Panel also needs to balance the benefits of transparency against the costs (time and money)
associated with collecting the evidence necessary to make an assessment of the SSBA Regulatory
Scheme’s performance.
Deliverable
The results of the review are expected to be reported to the Minister and published on the Department of
Health’s website.
Review Methodology
The external review will examine the SSBA Regulatory Scheme’s performance against the RPF
focussing on its communication methods and channels with its regulated community. In doing so, it will
confirm the validity of and provide external accountability for the SSBA Regulatory Scheme’s 2015-16
self-assessment report.
The external review will be a desktop exercise examining performance against the six RPF KPIs.
During the review the Panel will:
have access to an SSBA subject matter expert (SSBA expert); and
have the opportunity to request further information/evidence.
17
The SSBA expert will attend the first Panel meeting and provide an overview of the SSBA Regulatory
Scheme’s regulatory functions and regulatory performance relating to the RPF. The SSBA expert will
also answer questions from the Panel and respond to requests for further evidence to support their
performance.
Appendices 1–6 provide an assessment framework for each KPI, drawing on the Department of Prime
Minister and Cabinet’s (PM&C) examples of:
better practice
measures of good regulatory performance; and
output/activity based evidence.
The proposal is for the Panel to use the assessment framework to guide its examinations.
At the conclusion of the Panel’s review, the secretariat will use the Panel’s completed assessment to
form the basis of the draft report, which will be provided to the Panel for review and agreement.
18
Attachment A
The Regulator Performance Framework (RPF) Key Performance Indicators (KPIs)
The RPF comprises the following six outcomes-based KPIs against which the regulatory performance of
regulators is measured. These are:
KPI 1 – Regulators do not unnecessarily impede the efficient operation of regulated entities.
KPI 2 – Communication with regulated entities is clear, targeted and effective.
KPI 3 – Actions undertaken by regulators are proportionate to the risk being managed.
KPI 4 – Compliance and monitoring approaches are streamlined and coordinated.
KPI 5 – Regulators are open and transparent in their dealings with regulated entities.
KPI 6 – Regulators actively contribute to the continuous improvement of regulatory
frameworks.
19
Appendix 1
20
Appendix 2
21
Appendix 3
22
Appendix 4
23
Appendix 5
24
Appendix 6
25
5.1 List of evidence
1. National Health Security Act 2007
2. National Health Security Regulations 2008
3. SSBA RPF 2015-16 Self-assessment report
4. SSBA RPF Evidence metrics
5. SSBA Standards
6. Review of Biological Agents of Security Concern Final Report February 2016
7. Review of Biological Agents of Security Concern Consultation Report October 2015
8. SSBA Regulatory Scheme Inspection Program
9. SSBA Internal Review Tool
10. SSBA Security Risk Template
11. SSBA website
12. SSBA Fact Sheets
- Fact Sheet 1 – Overview
- Fact Sheet 2 – About Us
- Fact Sheet 3 – Legislative Framework
- Fact Sheet 4 – Exemptions
- Fact Sheet 5 – List of Security Sensitive Biological Agents
- Fact Sheet 6 – Top Management
- Fact Sheet 7 – Monitoring and Compliance
- Fact Sheet 8 – Emergency Disease Situations
- Fact Sheet 9 – Disposal
- Fact Sheet 10 – Information Security
- Fact Sheet 11 – Upgrading a Facility from Tier 2 to Tier 1 SSBAs
- Fact Sheet 12 – Domestic Legislation
- Fact Sheet 13 – International Conventions and Agreements
- Fact Sheet 14 – Dual-Use
- Fact Sheet 15 – National Health Security Checks
- Fact Sheet 16 – Emergency Situations
- Fact Sheet 17 – Changes to the National Health Security Legislation
13. SSBA Guidelines
- Guideline 1 – Entities and Facilities
- Guideline 2 – Registered Facility Reporting Requirements
- Guideline 3 – Handling a Person or Animal, or Samples from a Person or Animal, Affected by
an SSBA
- Guideline 4 – Defining Loss, Theft and Accidental Release of SSBAs
- Guideline 5 – Reporting to Law Enforcement or the National Security Hotline
26
- Guideline 6 – SSBA Toxins
- Guideline 7 – SSBAs in the Natural Environment
- Guideline 8 – Transporting SSBAs and Suspected SSBAs
- Guideline 9 – Non-Registered Facility Reporting and Requirements
- Guideline 10 – SSBA Regulatory Scheme Monitoring Inspections
- Guideline 11 – SSBAs and Other Regulatory Schemes